shared/protos/identity_client.proto
syntax = "proto3"; | syntax = "proto3"; | ||||
package identity.client; | package identity.client; | ||||
// RPCs from a client (iOS, Android, or web) to identity service | // RPCs from a client (iOS, Android, or web) to identity service | ||||
service IdentityClientService { | service IdentityClientService { | ||||
// Account actions | // Account actions | ||||
// Called by user to register with the Identity Service (PAKE only) | // Called by user to register with the Identity Service (PAKE only) | ||||
// Due to limitations of grpc-web, the Opaque challenge+response | // Due to limitations of grpc-web, the Opaque challenge+response | ||||
// needs to be split up over two unary requests | // needs to be split up over two unary requests | ||||
// Start/Finish is used here to align with opaque protocol | // Start/Finish is used here to align with opaque protocol | ||||
rpc RegisterPasswordUserStart(RegistrationStartRequest) returns ( | rpc RegisterPasswordUserStart(RegistrationStartRequest) returns ( | ||||
RegistrationStartResponse) {} | RegistrationStartResponse) {} | ||||
rpc RegisterReservedPasswordUserStart(ReservedRegistrationStartRequest) | |||||
returns (RegistrationStartResponse) {} | |||||
rpc RegisterPasswordUserFinish(RegistrationFinishRequest) returns ( | rpc RegisterPasswordUserFinish(RegistrationFinishRequest) returns ( | ||||
RegistrationFinishResponse) {} | RegistrationFinishResponse) {} | ||||
// Called by user to update password and receive new access token | // Called by user to update password and receive new access token | ||||
rpc UpdateUserPasswordStart(UpdateUserPasswordStartRequest) returns | rpc UpdateUserPasswordStart(UpdateUserPasswordStartRequest) returns | ||||
(UpdateUserPasswordStartResponse) {} | (UpdateUserPasswordStartResponse) {} | ||||
rpc UpdateUserPasswordFinish(UpdateUserPasswordFinishRequest) returns | rpc UpdateUserPasswordFinish(UpdateUserPasswordFinishRequest) returns | ||||
(Empty) {} | (Empty) {} | ||||
// Called by user to register device and get an access token | // Called by user to register device and get an access token | ||||
message RegistrationStartRequest { | message RegistrationStartRequest { | ||||
// Message sent to initiate PAKE registration (step 1) | // Message sent to initiate PAKE registration (step 1) | ||||
bytes opaqueRegistrationRequest = 1; | bytes opaqueRegistrationRequest = 1; | ||||
string username = 2; | string username = 2; | ||||
// Information needed to open a new channel to current user's device | // Information needed to open a new channel to current user's device | ||||
DeviceKeyUpload deviceKeyUpload = 3; | DeviceKeyUpload deviceKeyUpload = 3; | ||||
} | } | ||||
message ReservedRegistrationStartRequest { | |||||
// Message sent to initiate PAKE registration (step 1) | |||||
bytes opaqueRegistrationRequest = 1; | |||||
string username = 2; | |||||
// Information needed to open a new channel to current user's device | |||||
DeviceKeyUpload deviceKeyUpload = 3; | |||||
// Message from Ashoat's keyserver attesting that a given user has ownership | |||||
// of a given username | |||||
string keyserverMessage = 4; | |||||
// Above message signed with Ashoat's keyserver's signing ed25519 key | |||||
string keyserverSignature = 5; | |||||
} | |||||
// Messages sent from a client to Identity Service | // Messages sent from a client to Identity Service | ||||
message RegistrationFinishRequest { | message RegistrationFinishRequest { | ||||
// Identifier to correlate RegisterStart session | // Identifier to correlate RegisterStart session | ||||
string sessionID = 1; | string sessionID = 1; | ||||
// Final message in PAKE registration | // Final message in PAKE registration | ||||
bytes opaqueRegistrationUpload = 2; | bytes opaqueRegistrationUpload = 2; | ||||
} | } | ||||
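Review bot: `ReservedRegistrationStartRequest` carries the username twice, once in `username = 2` and, going by its comment, once inside the attested `keyserverMessage = 4`, and the contract does not say which is authoritative or that the two must match. Because the signed message is what authorises claiming a reserved name, the field comments should state that the service rejects the request unless the signature verifies over the exact `keyserverMessage` bytes and the attested username equals `username`. They should also say whether the message carries a nonce or expiry, so that a captured attestation cannot be replayed. The encoding of `keyserverSignature` is unspecified for a `string` holding an ed25519 signature; a comment such as `// Base64-encoded ed25519 signature over the exact bytes of keyserverMessage` would pin it down, if base64 is the intended encoding. The server-side handler is not visible on this page, so these checks may already exist there, but the proto is where clients and other implementers will look.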